aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJay Satiro <raysatiro@yahoo.com>2016-07-26 01:46:23 -0400
committerJay Satiro <raysatiro@yahoo.com>2017-02-21 01:04:59 -0500
commitaf5fbb14bb4fd86cdc5bf2c9f1f2b3b5d8d2af66 (patch)
tree06cc25f1951966802f96d248f0a4a78bd64dfda0
parentde1c1a8d8564e8d80ce384b19572228d87e7d8bc (diff)
digest_sspi: Handle 'stale=TRUE' directive in HTTP digest
- If the server has provided another challenge use it as the replacement input token if stale=TRUE. Otherwise previous credentials have failed so return CURLE_LOGIN_DENIED. Prior to this change the stale directive was ignored and if another challenge was received it would cause error CURLE_BAD_CONTENT_ENCODING. Ref: https://tools.ietf.org/html/rfc2617#page-10 Bug: https://github.com/curl/curl/issues/928 Reported-by: tarek112@users.noreply.github.com
-rw-r--r--lib/vauth/digest_sspi.c43
1 files changed, 36 insertions, 7 deletions
diff --git a/lib/vauth/digest_sspi.c b/lib/vauth/digest_sspi.c
index f9ee8a8fd..15f3d8c14 100644
--- a/lib/vauth/digest_sspi.c
+++ b/lib/vauth/digest_sspi.c
@@ -335,12 +335,43 @@ CURLcode Curl_auth_decode_digest_http_message(const char *chlg,
{
size_t chlglen = strlen(chlg);
- /* We had an input token before and we got another one now. This means we
- provided bad credentials in the previous request. */
- if(digest->input_token)
- return CURLE_BAD_CONTENT_ENCODING;
+ /* We had an input token before so if there's another one now that means we
+ provided bad credentials in the previous request or it's stale. */
+ if(digest->input_token) {
+ bool stale = false;
+ const char *p = chlg;
+
+ /* Check for the 'stale' directive */
+ for(;;) {
+ char value[DIGEST_MAX_VALUE_LENGTH];
+ char content[DIGEST_MAX_CONTENT_LENGTH];
+
+ while(*p && ISSPACE(*p))
+ p++;
+
+ if(!Curl_auth_digest_get_pair(p, value, content, &p))
+ break;
+
+ if(Curl_strcasecompare(value, "stale")
+ && Curl_strcasecompare(content, "true")) {
+ stale = true;
+ break;
+ }
- /* Simply store the challenge for use later */
+ while(*p && ISSPACE(*p))
+ p++;
+
+ if(',' == *p)
+ p++;
+ }
+
+ if(stale)
+ Curl_auth_digest_cleanup(digest);
+ else
+ return CURLE_LOGIN_DENIED;
+ }
+
+ /* Store the challenge for use later */
digest->input_token = (BYTE *) Curl_memdup(chlg, chlglen + 1);
if(!digest->input_token)
return CURLE_OUT_OF_MEMORY;
@@ -552,8 +583,6 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
if(!resp) {
free(output_token);
- Curl_safefree(digest->http_context);
-
return CURLE_OUT_OF_MEMORY;
}